sudo
Impress tutorial is here.

sudo (super user do or substitute user do; officially pronounced /ˈsuːduː/) is a program for Unix-like computer operating systems that allows users to run programs with the security privileges of another user (normally the superuser). By default, sudo will prompt for a user password but it may be configured to require no password. sudo logs each command run and in some cases has completely supplanted the superuser login for administrative tasks, most notably in Ubuntu Linux and Apple's Mac OS X.

sudo was originally written by Bob Coggeshall and Cliff Spencer "around 1980" at the Department of Computer Science at SUNY/Buffalo. The current version is maintained by OpenBSD developer Todd C Miller and distributed under a BSD-style license.

Source - Wikipedia
Home page:    http://www.sudo.ws/sudo/

root = UID 0
root is the user name or account that by default has access to all commands and files on a Linux or other Unix-like operating system. It is also referred to as the root account, root user and the superuser. The account with UID 0 could be named anything, not just root.

root EXISTS!!!! 
Only logging in as root can be disabled.

Benefits of using sudo
    - It avoids the tendency of Windows users to log in as an "Administrator." sudo encourages users to minimize their use of admin privileges.
    - Users do not need to log into a terminal session as root to do admin tasks.
    - Users only need to remember one password.
    - Users stop and think before executing potentially dangerous commands.
    - sudo keeps a log (/var/log/auth.log in Ubuntu).
    - No one can log in as root, including through ftp and ssh.
    - A hacker needs to know a username on the system to attempt to brute-force a password, as there is no login for the always-present root user.
    - Multiple admins can have varying sudo privileges, and admins can be added or removed without compromising root access or making everyone remember a new password.
    - sudo can be set up with a very fine-grained security policy.
    - The privileges expire after a timeout. When commands are executed using sudo, walking away from the terminal does not leave root access open.
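
An added example (not part of the original how-to) of putting the sudo log to use: it reads auth.log-style lines and tags each sudo event, flagging root shells such as sudo /bin/bash along with failed and unauthorized attempts. The sample lines are constructed, and the tag names and the list of shells are assumptions of this sketch.

```shell
# Added example: classify sudo entries from an auth.log-style stream.
# Assumes the traditional syslog timestamp ("Mar  3 10:15:01 host tag:").
# The shell watch list and the tag names are choices made for this sketch.

# Constructed sample lines in sudo's syslog format (not from a real host).
sample_log() {
cat <<'EOF'
Mar  3 10:15:01 box sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt-get update
Mar  3 10:15:01 box sudo: pam_unix(sudo:session): session opened for user root by alice(uid=0)
Mar  3 10:17:42 box sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/bash
Mar  3 10:20:11 box sudo:      bob : 3 incorrect password attempts ; TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/ls /root
Mar  3 10:22:40 box sudo[4321]:    carol : user NOT in sudoers ; TTY=pts/2 ; PWD=/home/carol ; USER=root ; COMMAND=/bin/sh
Mar  3 10:25:00 box sshd[999]: Accepted publickey for alice from 192.0.2.10 port 50000 ssh2
EOF
}

# Read log lines on stdin; print "TAG user command" for each sudo event.
sudo_audit() {
  awk '
    BEGIN { n = split("sh bash dash ksh zsh csh tcsh", s, " ")
            for (i = 1; i <= n; i++) shells[s[i]] = 1 }
    # Keep only sudo command records: tag "sudo:" or "sudo[pid]:", then "user :".
    $5 !~ /^sudo(\[[0-9]+\])?:$/ || $7 != ":" { next }
    {
      user = $6; cmd = ""; prog = ""
      at = index($0, "COMMAND=")
      if (at) cmd = substr($0, at + 8)
      split(cmd, word, " ")              # word[1] is the program path
      k = split(word[1], part, "/")      # last path element is the program name
      if (k) prog = part[k]
      if ($0 ~ /incorrect password attempt/) tag = "AUTH_FAIL"
      else if ($0 ~ /NOT in sudoers/) tag = "NOT_SUDOER"
      else if ($0 ~ / USER=root / && (prog in shells)) tag = "ROOT_SHELL"
      else tag = "OK"
      printf "%s %s %s\n", tag, user, cmd
    }'
}

sample_log | sudo_audit
```

Commands typed inside a root shell started this way are not logged individually by sudo, which is why the ROOT_SHELL events are worth reviewing.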

Disadvantages of using sudo
    - If the sudoers file is damaged you have no root access, especially on a remote box.
    - If a user's password is compromised, so are that user's sudo privileges.
    - If a user's password is compromised, one can execute a root shell by default or through other apps that have a shell escape, such as perl scripting.
    - Redirecting the output of commands run with sudo can be complex.
        sudo ls > /root/somefile
            does not work because the redirection is performed by your own shell, with your user's permissions, before sudo runs.
            Use: ls | sudo tee -a /root/somefile to append
            or: ls | sudo tee /root/somefile to overwrite
        Or pass the whole command to a shell process run under sudo to have the file written with root permissions: sudo bash -c "ls > /root/somefile".
    - Systems which import users through NSS or other techniques need a local user with sudo privileges for setup and repair when NSS services are not available (network down), since root login is disabled.

Sudo Misconceptions
sudo is less secure than using root environment
    - Both share the same weakness: the user account. If an attacker gains access to the user account, they can gain root privileges on the user's next sudo command or root login through a keylogger. User accounts need to be protected as closely as a root account.

It is not possible to enter single-user mode!
    - In Ubuntu and OS X the sulogin app has been patched to deal with a locked root password.
    - Console users have access to the boot loader, and can gain administrative privileges in various ways during the boot process.
        For example, by specifying an alternate init(8) program. Linux systems are not typically configured to be secure at the console, and additional steps (for example, setting a root password, a boot loader password and a BIOS password) are necessary in order to make them so. Note that console users usually have physical access to the machine and so can manipulate it in other ways as well.    -UbuntuWiki

Secure the root account!
    - Give root a different password than your user account.
    - Disable root ssh logins by editing the following line in /etc/ssh/sshd_config:

PermitRootLogin no
    - Disable all password logins to ssh. Only allow public key authentication.
    - Disable root ftp logins.
    - After enabling root logins, disable user sudo access by commenting out the %admin line in /etc/sudoers:

# %admin ALL=(ALL) ALL

With these changes the system is arguably more secure than a default OS X or Ubuntu system using sudo (if ssh and ftp servers are running). If an attacker obtains a user's password, the account can't be used to gain root privileges. Unless the attacker has a local account from which to try a privilege escalation vulnerability, the root password would need to be cracked to gain root access.
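
An added example (not from the original how-to) that checks a sshd_config for the two SSH items in the list above: root login disabled and password login disabled. It accounts for sshd using the first value it reads for a keyword; the function names and the sample file are constructed for illustration.

```shell
# Added example: check a sshd_config for the two SSH settings listed above.
# sshd uses the FIRST value it reads for a keyword and treats keywords as
# case-insensitive, so a plain "grep PermitRootLogin" can mislead.

# Print the first global (before any "Match" block) value of keyword $2 in file $1.
sshd_first_value() {
  awk -v want="$2" '
    BEGIN { want = tolower(want) }
    { sub(/^[ \t]+/, "") }                 # drop leading whitespace
    /^#/ || /^$/ { next }                  # comments and blank lines
    {
      line = $0
      sub(/[ \t]*=[ \t]*/, " ", line)      # "Key=value" is also accepted
      n = split(line, f, /[ \t]+/)
      key = tolower(f[1])
      if (key == "match") exit             # conditional blocks are not global
      if (key == want && n >= 2) { print f[2]; exit }
    }' "$1"
}

# Return 0 only if root login and password login are both explicitly "no".
audit_sshd() {
  rc=0
  for kw in PermitRootLogin PasswordAuthentication; do
    val=$(sshd_first_value "$1" "$kw")
    if [ "$val" = "no" ]; then
      echo "PASS $kw no"
    else
      echo "FAIL $kw ${val:-unset (built-in default applies)}"
      rc=1
    fi
  done
  return "$rc"
}

# Constructed sample: the later "no" is ignored because "yes" comes first.
demo_cfg() {
cat <<'EOF'
# constructed sample, not a real host
permitrootlogin yes
PasswordAuthentication no
PermitRootLogin no
EOF
}

tmp=$(mktemp) && demo_cfg > "$tmp"
audit_sshd "$tmp" || echo "config needs attention"
rm -f "$tmp"
```

On a live host, sshd -T prints the effective configuration after all files are merged, which is the authoritative check.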

Making Sudo more Distro Friendly
    - Create new menu entries and modify existing menu entries.
        - In GNOME use gksudo
        - In KDE use kdesu or kdesudo depending on version
   
    - sudo sh   or   sudo /bin/bash
    WARNING - This puts you in a root shell so you must exercise caution.
                  Every command you execute is in the root environment.
                  Also all files created have owner and group set to root.

    - Create a root console menu entry – see above warning!
    - Create keyboard shortcuts/hotkeys – keyboards are faster than mice!

Sources:
    http://www.sudo.ws/sudo
    http://en.wikipedia.org/wiki/Sudo

EC_LUG -Eau Claire Linux users group is an informal group of Linux and open source software enthusiasts.

We meet each Thursday at 7 p.m. at Dooley's Pub, 442 Water Street, Eau Claire, Wisconsin
